Rezevox ("we", "our", "us") operates dental.rezevox.com, a dental practice management software platform. This Privacy Policy explains how we collect, use, store, and protect information when dental clinics and their patients use our platform. By using Rezevox, you agree to this policy.
We collect the following categories of information: For dental clinics: Clinic name, doctor name, qualification, registration number, address, phone, email, and payment information. For patients: Name, phone number, email address, date of birth, gender, medical history, dental history, allergies, appointment records, treatment notes, billing records, and prescriptions. Technical data: IP addresses, browser type, pages visited, and usage analytics to improve our service.
We use collected information to: • Provide clinic management and patient booking services • Send appointment confirmations and reminders via email • Generate invoices and prescriptions • Allow patients to access their own health records • Improve our platform and fix technical issues • Communicate important service updates We do not sell, rent, or share your personal information with third parties for marketing purposes.
Rezevox processes sensitive personal data including health and medical information. This data is: • Stored encrypted on secure servers • Accessible only to the specific clinic that created it and the patient it belongs to • Never shared between clinics • Never used for advertising or profiling • Processed in compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act) Each clinic's data is completely isolated — no clinic can access another clinic's patient records.
Your data is stored on Supabase's secure cloud infrastructure with servers in Singapore. We implement: • End-to-end HTTPS encryption for all data in transit • Row-level security ensuring strict data isolation between clinics • Secure authentication via industry-standard JWT tokens • Regular automated backups • API keys and credentials stored securely, never in source code
We retain your data for as long as your clinic account is active. If you cancel your subscription: • Your data remains accessible for 30 days after cancellation • You may export all your data at any time from the Settings page • After 30 days, data is permanently deleted from our servers • Patient records are retained as required by applicable Indian medical regulations
Under India's DPDP Act 2023, patients have the right to: • Access their personal data held by us • Correct inaccurate personal data • Request erasure of their personal data • Withdraw consent for data processing • Nominate a representative to exercise these rights To exercise these rights, contact the clinic directly or email us at privacy@rezevox.com.
We use the following trusted third-party services: • Supabase — database and authentication (supabase.com) • Vercel — hosting and deployment (vercel.com) • Resend — transactional emails (resend.com) • Razorpay — payment processing (razorpay.com) • Anthropic Claude — AI assistant features (anthropic.com) Each provider has their own privacy policy and security standards. Patient health data is not shared with AI providers in identifiable form.
We use essential cookies only — required for authentication and keeping you logged in. We do not use advertising or tracking cookies. You can disable cookies in your browser but this will prevent you from logging in.
Rezevox is not intended for direct use by children under 18. Clinics may store records for minor patients as part of legitimate dental care. Parents or guardians may request access to or deletion of their child's records by contacting the clinic or emailing privacy@rezevox.com.
We may update this Privacy Policy from time to time. We will notify registered clinics by email at least 14 days before any material changes take effect. Continued use of Rezevox after changes constitutes acceptance of the updated policy.
For privacy-related questions, data requests, or concerns: Email: privacy@rezevox.com General: info@rezevox.com Website: rezevox.com We aim to respond to all privacy requests within 72 hours.